My husband\’s company is self-insured, and it seems that they change plan administrators once or twice a year. I have been routed to Moline, Peoria and now Minnesota when I have questions about a bill. In addition, every time his employer changes TPA\’s, we have to divulge details of accidents, etc., all over again.
So not only is the confidentiality of our information compromised by the structure of these TPA\’s and companies like Medical Excess, but that information keeps getting shifted around from company to company. It makes me wonder whether our information will not only be used for identity theft, but also somehow sold for commercial purposes — or, just to stretch it a bit further, it wouldn\’t surprise me one bit if Medical Excess might be a bit player in government efforts to grab every bit of data about everyone from anyplace. Read Jonathan Turley\’s column in Saturday\’s L.A. Times – here\’s the link: http://www.latimes.com/news/printedition/opinion/la-oe-turley24jun24,1,3332362.story
Who knows where our info is going to end up?
Regardless, this whole episode just shows how poorly Medical Excess treats its clients – where\’s the accountability?
OK – what was at risk is in \’a few cases\’ medical info & SS #s. Brokers used our SS #s in place of another # that typically does not identify the person – IE insurance card may have a BBH334KL as an ID to prevent theft. So the brokers were seeking quotes from AIG, & one of AIG\’s employee benefit products is this thing called \’Medical Excess,\’ which is listed at the top of my letter. Essentially, medical excess is \’coverage for employees who need insurance beyond the limits allowed by most plans.\’ In my case, I have 2 dental plans & have had many dental issues. This is considered the \’catastrophic medical risk management business.\’ So perhaps some of us are using the medical benefits we PAY FOR.
both my employer and my husband\’s are self-funded & his also changed administrators in the last year….now both employers use the same administrator. Here\’s another interesting article I found regarding what identity thieves do with health records: http://www.informationweek.com/news/showArticle.jhtml?articleID=189500020
AARGH…just spoke with a co-worker & she also got the letter…think it\’s my employer then. So…what can be done? Anything?
Irate,
The insurance I carry through my employer was dental as well. However, now that I think about it, I may have maxed out our family benefit for the 2005 year, but I found it not to be a bargain so I dropped it at the end of 2005. I don\’t have any other insurance through my own employer (on husband\’s plan), so I find the whole thing to be kind of bizarre. Unless I\’m still in somebody\’s database when I shouldn\’t be. I suppose if a group is shopping around, they will use information from a prior year. I\’m still really ticked about this!
OK, so I just got the infamous letter. I won\’t waste time with my feelings about this experience (they\’re undoubtably the same as yours.) The question is, what can we– all 930.000 of us– do to organize and gain some kind of voice in all this, rather than simply being the victims? I have to admit being skeptical of class-actions (for a variety of reasons)… but I do want to see some accountability from those responsible (AIG, not just anonymous thieves), a restoration of my sense of privacy and security, and hopefully protection for other consumer\’s rights so they don\’t also have to go through this. Are there any organizations that can assist us? What can WE do?
The more I read about this the more miffed i get that some broker has my ID, my medical/dental history, & considers my past treatments as \’high risk,\’ meaning, \’I might cost the company a ton of money.\’ Claim & cost reduction \’to help maximize medical $$$ spent & at the same time preserve or enhance clinical outcomes.\’ Oddly, they list things like renal disease, organ transplant, hemophillia, multiple medical conditions as the high costs they are trying to contain! I have a dental implant & root canals & freq cleanings. Guess i am just too expensive!
the thing is, our confidentiality, our privacy, has been violated by brokers trying to save money. Our HIPPA rights are violated. I may check out a HIPPA website. SS # should NEVER EVER be used & other \’dummy\’ numbers are what we in insurance companies use. So the brokers, thier employers, those who are not named in the articiles, they are accountable. If they are in the business of buying/selling cheap medical coverage for high utilizers, then they should use protected ID\’s. I will read thru some of my HIPPA materials but this medical data they collect is PROTECT HEALTH INFORMATION – PHI. Our true identities should not be resting on a laptop.
Can\’t begin to tell you how much we are lectured to and tested over our knowledge of HIPAA in my workplace. Employees at the healthcare institution in which I am employed are fired in a heartbeat for violating anything regarding HIPAA! Individuals are hired to simply track on-line activity of employees to make sure they aren\’t looking at any patient information unrelated to their need to do their jobs. I am going to contact the HIPAA compliance officer at our institution regarding this gross violation of my medical records, not to mention the theft of valuable personal information!
I agree with Kay. The envelope in which the rather important letter was sent just appears to be another piece of junk mail. I opened it just to make sure it didn\’t contain something I might need to shred (to protect my identity)…so much for that precaution! I retrieved the envelope from my trash can just in case it might be useful in a court case someday!
If the area was password-protected, then whoever took the server knew a lot about what they were doing. Checking the contents of the server would be child\’s play for them.
I too am angered that I did not do business with AIG directly, nor was I given any information to the effect that AIG would have access to my records. Clearly the people at my agency gave AIG the data without first validating AIG\’s security. I intend to find out which of my insurance companies brokered my information and find out why they did such an irresponsible thing.
We have updated our privacy policy to be more clear and meet the new requirements of the GDPR. By continuing to use our site, you accept our revised Privacy Policy.
My husband\’s company is self-insured, and it seems that they change plan administrators once or twice a year. I have been routed to Moline, Peoria and now Minnesota when I have questions about a bill. In addition, every time his employer changes TPA\’s, we have to divulge details of accidents, etc., all over again.
So not only is the confidentiality of our information compromised by the structure of these TPA\’s and companies like Medical Excess, but that information keeps getting shifted around from company to company. It makes me wonder whether our information will not only be used for identity theft, but also somehow sold for commercial purposes — or, just to stretch it a bit further, it wouldn\’t surprise me one bit if Medical Excess might be a bit player in government efforts to grab every bit of data about everyone from anyplace. Read Jonathan Turley\’s column in Saturday\’s L.A. Times – here\’s the link:
http://www.latimes.com/news/printedition/opinion/la-oe-turley24jun24,1,3332362.story
Who knows where our info is going to end up?
Regardless, this whole episode just shows how poorly Medical Excess treats its clients – where\’s the accountability?
OK – what was at risk is in \’a few cases\’ medical info & SS #s. Brokers used our SS #s in place of another # that typically does not identify the person – IE insurance card may have a BBH334KL as an ID to prevent theft. So the brokers were seeking quotes from AIG, & one of AIG\’s employee benefit products is this thing called \’Medical Excess,\’ which is listed at the top of my letter. Essentially, medical excess is \’coverage for employees who need insurance beyond the limits allowed by most plans.\’ In my case, I have 2 dental plans & have had many dental issues. This is considered the \’catastrophic medical risk management business.\’ So perhaps some of us are using the medical benefits we PAY FOR.
both my employer and my husband\’s are self-funded & his also changed administrators in the last year….now both employers use the same administrator. Here\’s another interesting article I found regarding what identity thieves do with health records: http://www.informationweek.com/news/showArticle.jhtml?articleID=189500020
AARGH…just spoke with a co-worker & she also got the letter…think it\’s my employer then. So…what can be done? Anything?
Irate,
The insurance I carry through my employer was dental as well. However, now that I think about it, I may have maxed out our family benefit for the 2005 year, but I found it not to be a bargain so I dropped it at the end of 2005. I don\’t have any other insurance through my own employer (on husband\’s plan), so I find the whole thing to be kind of bizarre. Unless I\’m still in somebody\’s database when I shouldn\’t be. I suppose if a group is shopping around, they will use information from a prior year. I\’m still really ticked about this!
OK, so I just got the infamous letter. I won\’t waste time with my feelings about this experience (they\’re undoubtably the same as yours.) The question is, what can we– all 930.000 of us– do to organize and gain some kind of voice in all this, rather than simply being the victims? I have to admit being skeptical of class-actions (for a variety of reasons)… but I do want to see some accountability from those responsible (AIG, not just anonymous thieves), a restoration of my sense of privacy and security, and hopefully protection for other consumer\’s rights so they don\’t also have to go through this. Are there any organizations that can assist us? What can WE do?
The more I read about this the more miffed i get that some broker has my ID, my medical/dental history, & considers my past treatments as \’high risk,\’ meaning, \’I might cost the company a ton of money.\’ Claim & cost reduction \’to help maximize medical $$$ spent & at the same time preserve or enhance clinical outcomes.\’ Oddly, they list things like renal disease, organ transplant, hemophillia, multiple medical conditions as the high costs they are trying to contain! I have a dental implant & root canals & freq cleanings. Guess i am just too expensive!
the thing is, our confidentiality, our privacy, has been violated by brokers trying to save money. Our HIPPA rights are violated. I may check out a HIPPA website. SS # should NEVER EVER be used & other \’dummy\’ numbers are what we in insurance companies use. So the brokers, thier employers, those who are not named in the articiles, they are accountable. If they are in the business of buying/selling cheap medical coverage for high utilizers, then they should use protected ID\’s. I will read thru some of my HIPPA materials but this medical data they collect is PROTECT HEALTH INFORMATION – PHI. Our true identities should not be resting on a laptop.
Can\’t begin to tell you how much we are lectured to and tested over our knowledge of HIPAA in my workplace. Employees at the healthcare institution in which I am employed are fired in a heartbeat for violating anything regarding HIPAA! Individuals are hired to simply track on-line activity of employees to make sure they aren\’t looking at any patient information unrelated to their need to do their jobs. I am going to contact the HIPAA compliance officer at our institution regarding this gross violation of my medical records, not to mention the theft of valuable personal information!
I agree with Kay. The envelope in which the rather important letter was sent just appears to be another piece of junk mail. I opened it just to make sure it didn\’t contain something I might need to shred (to protect my identity)…so much for that precaution! I retrieved the envelope from my trash can just in case it might be useful in a court case someday!
If the area was password-protected, then whoever took the server knew a lot about what they were doing. Checking the contents of the server would be child\’s play for them.
I too am angered that I did not do business with AIG directly, nor was I given any information to the effect that AIG would have access to my records. Clearly the people at my agency gave AIG the data without first validating AIG\’s security. I intend to find out which of my insurance companies brokered my information and find out why they did such an irresponsible thing.